Chapter 7

Risk Messaging

The greatest problem of communication is the illusion that it has been accomplished.

George Bernard Shaw

Risk messaging is the fourth step in the ERM process cycle. In this chapter, we will discuss two types of risk messaging: internal risk messaging and external risk messaging.

Internal Risk Messaging

Internal risk messaging refers to incorporating ERM information into performance measurement and management.

There are two aspects of internal risk messaging:

1. Integrating ERM into business performance analysis

2. Integrating ERM into incentive compensation

Embedding ERM information into business performance analysis and incentive compensation signals all levels of management that there is a strong commitment to the ERM program. Effective internal risk messaging is necessary to drive the appropriate ERM activities in the risk identification, risk quantification, and risk decision making ERM process steps. If internal risk messaging is ineffective or nonexistent, management realizes that they themselves are being measured on the same basis that pre-dated ERM; as a result management begins to minimize ERM efforts or ignore them altogether.

Internal risk messaging—integrating ERM into performance measurement and management—along with integrating ERM into decision making (discussed in Chapter 6), constitute what we are defining as risk culture.

Integrating ERM into Business Performance Analysis

We will discuss how ERM enhances two traditional methods for ...

Get Corporate Value of Enterprise Risk Management: The Next Step in Business Management now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.